V
V
Vanes Ri_Lax2019-12-24 09:37:17
C++ / C#
Vanes Ri_Lax, 2019-12-24 09:37:17

How to sign a string with a GOST 2012 certificate?

Hello, I have a GOST 2012 certificate issued using the CryptoPRO program.
I need to write a C# program that will sign a string with this certificate.
Here is what I installed on my computer:

  • CryptoPro CSP 5.0 for Windows
  • CryptoPro .NET 1.0.7132.0 (NET-x64-rus.msi)
  • CryptoPro .NET SDK 1.0.7132.0 (NETSDK-x64-rus.msi)

Look at the example below:
C:\Program Files (x86)\Crypto Pro\.NET SDK\Examples\simple.zip\CMS\cs\DetachedSignature.cs

Everything seems to be simple, I wrote the code according to the example:
sing System;
using System.IO;
using System.Security.Cryptography.Pkcs;
using System.Security.Cryptography.X509Certificates;
using System.Text;

namespace MyCrypto
{
    class SingleSigner
    {
        public void MsgSegner(string msg)
        {
            Console.WriteLine("Полученное сообщение: " + msg);

            Encoding unicode = Encoding.Unicode;
            byte[] msgBytes = unicode.GetBytes(msg);

            X509Certificate2 signerCert = GetSignerCert("ГБУЗ");

            Console.WriteLine(signerCert.Subject);
            try
            {
                byte[] encodedSignature = SingMsg(msgBytes, signerCert);
                File.WriteAllBytes("signature.bin", encodedSignature);
            }
            catch (System.ArgumentNullException ex)
            {

            }
            

        }

        private static byte[] SingMsg(Byte[] msg, X509Certificate2 singleCert)
        {

            ContentInfo contentInfo = new ContentInfo(msg);
            SignedCms signedCms = new SignedCms(contentInfo, true);
            CmsSigner cmsSigner = new CmsSigner(singleCert);

            signedCms.ComputeSignature(cmsSigner); //В этой строке выходит исключение: 
//System.Security.Cryptography.CryptographicException: "Could not determine signature algorithm for the signer certificate."
            return signedCms.Encode();
            
           
        }

        static X509Certificate2 GetSignerCert(string signerName)
        {
            X509Store storeMy = new X509Store(StoreName.My,
                StoreLocation.LocalMachine);
            storeMy.Open(OpenFlags.ReadOnly);

            Console.WriteLine("Число сертификатов: " + storeMy.Certificates.Count);

            X509Certificate2Collection certColl =
                storeMy.Certificates.Find(X509FindType.FindBySubjectName,
                signerName, false);
            Console.WriteLine(
                "Найдено {0} сертификат(ов) в хранилище {1} для субъекта {2}",
                certColl.Count, storeMy.Name, signerName);

            if (certColl.Count == 0)
            {
                Console.WriteLine(
                    "Сертификат для данного примера не найден " +
                    "в хранилище. Выберите другой сертификат для подписи. ");
                return null;
            }

            storeMy.Close();

            return certColl[0];
        }
    }
}

I understand that the error is that he does not know how to work with GOST certificates, but what am I doing wrong? Thank you very much in advance!

Answer the question

In order to leave comments, you need to log in

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question